org.jeecgframework.boot:jeecg-boot-base-core is vulnerable to cross-site scripting. The vulnerability exists in jeecg-boot/jmreport/view
with a mouseover event, allowing an attacker to inject and execute malicious javascript.
CPE | Name | Operator | Version |
---|---|---|---|
jeecg-boot-base-core | eq | 3.0 | |
jeecg-boot-base-core | eq | 3.0 |